[VOIPSEC] Re: Voipsec Digest, Vol 5, Issue 14
Robert Moskowitz
rgm at icsalabs.com
Thu May 26 15:55:55 EDT 2005
At 12:13 PM 5/26/2005, Dave Field wrote:
>It may be trivial to impersonate traffic, but if it doesn't make sense in
>the context of the current communication, it will be rejected.
It is not trivial to impersonate traffic with proper 802.11i deployments.
>WPA2 (now 802.11i) provides protection against replay attacks by changing
>its IV periodically.
Like every packet? Actually, for CCMP, IV is incorrect term as CCM is a
duo-mode of operation based on counter-mode. (I teach modes of operation
for block ciphers in my cryptography class).
>It also uses 128-bit AES encryption. I am confident that it will be the
>standard promulgated by Cisco now that it has been ratified. If you need
>to know more, Google '802.11i replay attack'.
Cisco is already putting it into products.
>WPA now, that is a different kettle of fish!
WPA **IS** 802.11i draft 3 with obvious errors corrected.
It is just that the WiFi certification did not require including CCMP in
WPA products, and many vendors did not.
WPA2 **IS** ratified 802.11i I have reported a couple of errors in their
certification that they have addressed.
Robert Moskowitz
Senior Technical Director
ICSA Labs, a division of Cybertrust, Inc.
W: 248-968-9809
F: 248-968-2824
VoIP: 248-291-0713
E: rgm at icsalabs.com
There's no limit to what can be accomplished if it doesn't matter who gets
the credit
More information about the Voipsec
mailing list